Cisco advised admins Thursday to patch a critical authentication bypass flaw in Catalyst SD-WAN Manager and Controller that lets hackers take complete control with no password. The bug, tracked as CVE-2026-20182, scored the maximum 10.0 on the CVSS severity scale, putting it on par with the worst network gear vulnerabilities we’ve seen recently. Both components—formerly called vSmart and vManage—are affected in every deployment setup, which means no configuration is safe unless updated immediately. Cisco released fixes the same day it disclosed the issue, but given how easy this bug is to exploit, waiting even a few hours could be risky for any organization running these systems. The company didn’t say if attackers had already started exploiting it, but the flaw is so straightforward that it’s only a matter of time before someone tries. Cisco’s advisory says unpatched systems could let remote attackers bypass authentication entirely, then issue arbitrary NETCONF commands. That’s network admin-level access, which means hackers could steal data, reroute traffic, tweak firewall rules, or shut the whole system down for good. The internet-facing nature of these components makes the risk even worse, since anyone on the web could probe for vulnerable systems without even needing an inside foothold. Rapid7 researchers Stephen Fewer and Jonah Burgess found and reported the flaw, and they confirmed that exploitation doesn’t require any user interaction or special conditions beyond a network connection. The patch process is simple: admins just need to update the affected software versions, but the urgency comes from how trivial it is for attackers to weaponize this bug. Cisco’s track record with zero-days isn’t great lately, and this is at least the third max-severity issue they’ve disclosed in SD-WAN gear this year alone. Organizations using Catalyst SD-WAN Manager or Controller should treat this like a red-alert fire drill—stop what they’re doing, test the patch in a non-production environment, and deploy it everywhere as soon as possible. Any delay risks handing control of their network to whoever spots the flaw first, and that could mean ransomware, data theft, or worse. The good news is Cisco’s response was fast, which is a small comfort given how often vendors drag their feet on critical fixes. Still, the real test will be whether admins actually apply the patches before attackers turn this into the next big breach headline. If history is any guide, too many will wait until it’s too late.

What You Need to Know

  • Source: The Register
  • Published: May 15, 2026 at 11:15 UTC
  • Category: Technology
  • Topics: #theregister · #tech · #enterprise · #security · #vulnerability · #patch

Read the Full Story

This is a curated summary. For the complete article, original data, quotes and full analysis:

Read the full story on The Register →

All reporting rights belong to the respective author(s) at The Register. GlobalBR News summarizes publicly available content to help readers discover the most relevant global news.

Curated by GlobalBR News · May 15, 2026

🇧🇷 Resumo em Português

Vulnerabilidade crítica em equipamentos Cisco deixa redes corporativas brasileiras em alerta

Uma brecha de segurança crítica em dispositivos da Cisco, que pode ser explorada remotamente em questão de minutos, acendeu o alerta vermelho em empresas brasileiras que utilizam soluções de gerenciamento de redes. A fabricante identificou uma falha no Catalyst SD-WAN Manager e no Controller, permitindo que invasores obtenham acesso total ao sistema, comprometendo dados sensíveis e a infraestrutura de comunicação. Com a crescente digitalização e dependência de redes híbridas no país, o risco é ainda maior em setores como finanças, saúde e serviços essenciais.

A vulnerabilidade, classificada como de “máxima gravidade” pela Cisco, explora uma brecha na autenticação de administradores, facilitando a execução de ataques sem a necessidade de interação do usuário. No Brasil, onde muitas organizações ainda dependem de soluções legadas ou não atualizam seus sistemas com frequência, o perigo se amplia. Especialistas alertam que, sem a aplicação imediata do patch disponibilizado pela Cisco, redes corporativas e até governamentais podem se tornar alvos fáceis para cibercriminosos, com potenciais prejuízos financeiros e vazamento de informações estratégicas.

A Cisco já publicou atualizações emergenciais para corrigir o problema, mas a pressa na aplicação dos reparos será crucial para evitar incidentes. Enquanto isso, empresas brasileiras precisam revisar suas políticas de segurança e garantir que todas as equipes de TI estejam cientes da urgência — afinal, o tempo é o maior inimigo quando o assunto é cibersegurança.

🇪🇸 Resumen en Español

La compañía tecnológica Cisco ha alertado sobre una vulnerabilidad crítica en sus dispositivos de gestión y control de redes SD-WAN, considerada de máxima severidad y de explotación sencilla para los atacantes.

El fallo, presente en las plataformas Catalyst SD-WAN Manager y Controller, permite a los ciberdelincuentes obtener privilegios de administrador de forma remota y en cuestión de minutos, sin necesidad de autenticación avanzada. Dada la popularidad de estos equipos en infraestructuras empresariales y de telecomunicaciones, el riesgo se extiende a organizaciones de todo el mundo, especialmente en sectores clave como banca o salud. Cisco ya ha lanzado parches de seguridad, por lo que los administradores deben actualizar urgentemente sus sistemas para evitar posibles brechas que comprometan la confidencialidad y operatividad de sus redes.